4ed19fe8de5f2e052ba10a4c75a8b2b1021e6677f4a53d25d23e8b4c6aab6f1b | Triage

Sharing

General

Target

4ed19fe8de5f2e052ba10a4c75a8b2b1021e6677f4a53d25d23e8b4c6aab6f1b
Size

436KB
Sample

221125-kt2hzsab6x
MD5

eb95510832c034f4d8a175a957aeb0a5
SHA1

8a95529ededdd5b90d7d3ee3b2e0e93e098b794b
SHA256

4ed19fe8de5f2e052ba10a4c75a8b2b1021e6677f4a53d25d23e8b4c6aab6f1b
SHA512

76411e98cf463bbc462e02c8959c3fe06bfa38a1d4b34ad209306db07741d2a558dc15886a3ad215e451f569dd16967825690ddeddad0a7f341e5409974e6255
SSDEEP

12288:7MSU4joci8M6PW1GVFeFd60DFUyhehYM:ASUCpM2W1Gvgmyehv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4ed19fe8de5f2e052ba10a4c75a8b2b1021e6677f4a53d25d23e8b4c6aab6f1b
- Size
  
  436KB
- MD5
  
  eb95510832c034f4d8a175a957aeb0a5
- SHA1
  
  8a95529ededdd5b90d7d3ee3b2e0e93e098b794b
- SHA256
  
  4ed19fe8de5f2e052ba10a4c75a8b2b1021e6677f4a53d25d23e8b4c6aab6f1b
- SHA512
  
  76411e98cf463bbc462e02c8959c3fe06bfa38a1d4b34ad209306db07741d2a558dc15886a3ad215e451f569dd16967825690ddeddad0a7f341e5409974e6255
- SSDEEP
  
  12288:7MSU4joci8M6PW1GVFeFd60DFUyhehYM:ASUCpM2W1Gvgmyehv
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2